I have pfS configured on a high-end Compaq server 4proc w/ a 4 disk array and 12 network interfaces and have it set up w/ 2 million states and never run into trouble on that specific server. I have several heavily populated networks connecting on different interfaces and dual WAN setup with site-to-site tunnels to 20+ sites. You might also set you "Firewall Optimization Options" to agressive, although if you have many long lasting connections like VPN tunnels, this may not be an optimal config option for you. I see (and hear of) no issues w/ the 7-8 thousand users that depend on this box every day.
BTW I am running BETA1, and not the latest snapshot. Regards, -- David L. Strout Engineering Systems Plus, LLC ----- Original Message ----- Subject: [pfSense Support] Running out of states again From: [EMAIL PROTECTED] To: [email protected] Date: 02-28-2006 7:12 am > Hello All, > > I had a problem about a month or so ago with running > out of states, and upped the state table size to 20000 > along with setting a few rules to modulate state. > Yesterday I ran out of states again and decided to see > if there was any way I could control this a bit better > rather than just keep upping the table size. Reading > through the PF documentation there are what looks like > controls for timeouts when the tables are getting full. > (adaptive.start and adpative.end) Is there any way of > setting these in PFSense? Or have I got it wrong? > > Lawrence Farr > EPC Direct Limited > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
